This application is a continuation-in-part of U.S. patent application Ser. No. 13/240,572, filed on Sep. 22, 2011, and Ser. No. 14/944,484, filed on Nov. 18, 2015, which is a continuation of U.S. patent application Ser. No. 13/240,572, filed on Sep. 22, 2011, and both of which are entitled to the benefit of the filing date of U.S. provisional patent application Ser. 61/386,156, filed on Sep. 24, 2010, and Ser. 61/492,287, filed on Jun. 1, 2011. This description also relates to U.S. Ser. No. 14/021,585, filed Feb. 16, 2016; Ser. No. 15/089,375, filed on Apr. 1, 2016; and Ser. No. 15/089,207, filed on Apr. 1, 2016. All of the applications identified in this paragraph are incorporated here by reference in their entirety.
This description relates to security assessment using service provider digital asset information.
An Internet-related service provider, for example, typically maintains, with respect to each of its customers, account information about the customer and its Internet-related service, including the kind of contract that applies to the customer, an account identifier, contact information, email addresses, and identification of digital assets (such as IP addresses, domain names, phone numbers, International Mobile Station Equipment Identities (IMEI), and International Mobile Subscriber Identities (IMSI)) that are assigned to the customer, among others.
Information about the relationships between digital assets and entities that own, control, or manage such assets can be useful in tracking, assessing, rating, and reporting of cyber security risks associated with the entities.